Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presentation on developments for the period Oct 2006 - Feb 2007 C.S.R.C.Murthy, Salim A. Pathan, Rohitashva Sharma & Dinesh Sarode.

Published byEunice Sullivan Modified over 8 years ago

Similar presentations

Presentation on theme: "Presentation on developments for the period Oct 2006 - Feb 2007 C.S.R.C.Murthy, Salim A. Pathan, Rohitashva Sharma & Dinesh Sarode."— Presentation transcript:

1 Presentation on developments for the period Oct 2006 - Feb 2007 C.S.R.C.Murthy, Salim A. Pathan, Rohitashva Sharma & Dinesh Sarode

2 Encryption using RSA asymmetric keys Encryption using RSA asymmetric keys Available for both UDP and TCP transport Available for both UDP and TCP transport Fine grain on/off control Fine grain on/off control Global level Global level Sensor level Sensor level Metric level Metric level Transport level Transport level No extra keys other than host keys No extra keys other than host keys Lemon Security - Encryption

3 Contd… Samples Transport Sample assembler with encrypt switch normal encrypt normal decrypt Parser with encrypt switch Transport Samples Lemon ServerLemon client

4 Encrypt/Decrypt timings table Server/Client configuration: Dual Xeon 2.8GHz, 2GB RAM Lemon Security - Encryption Contd… Type of keyData size (bytes) Encryption time (Approx milli seconds) Decryption time (Approx milli seconds) RSA1024500225 10003.555 15005.585 RSA20485002.560 10004.1140 15006.5221

5 Current shortcomings No support for aborting idle connections (A strong DOS possibility) No support for aborting idle connections (A strong DOS possibility) As many threads as the number of TCP transports As many threads as the number of TCP transports Multi stage cache mechanism Multi stage cache mechanism Very complex client/server protocol Very complex client/server protocol Difficult to maintain code Difficult to maintain code Lemon Transport Re-engineering Contd…

6 Contd… Transport 1 cache Transport 2 cache Transport N cache Samples Cache fillerPoll, assemble and transmit Transport threadMain thread Lemon Client Cache subsystem

7 Re-engineering salient features TIMEOUT configuration in both server and client TIMEOUT configuration in both server and client Only one thread for transport in agent Only one thread for transport in agent Single cache for each transport Single cache for each transport No DNS resolution on each transmit No DNS resolution on each transmit Simple protocol and easy to maintain code Simple protocol and easy to maintain code Lemon Transport Re-engineering Contd…

8 Lemon XML-API Lemon XML-API is developed in C++. It provide users an interface:- To fetch XML data from remote server, and To query the downloaded data. Uses ‘libxml2’ for XML parsing. Uses ‘libcurl’ for fetching HTTP requests.

9 Lemon XML-API Contd… XML Gateway Server Lemon XML API User Request (URL) Request (Thru API calls) Response (Raw XML data) Request (URL) Response (Raw XML data) Response (string data) Fig. Request-Response plot

10 Lemon XML-API API calls are divided into two broad categories: - Calls which deals with setting request parameters, such as: set_source(), set_metric(), set_start(), set_interval(), set_entity(), etc. Calls which deals with querying downloaded data, such as: get_all_metrics(), get_metric_names(), get_column_meta_data(), get_entities(), etc. Contd…

11 Lemon XML-API In addition the API also provide Iterators. Iterators can be used to iterate over samples contained in downloaded data set. Three types of Iterators are supported:- Sample Iterator, Entity Iterator, & Metric Iterator. API is designed to keep memory and CPU consumption low. API usage documentation is available. Contd…

12 Lemon XML-API Lemon XML-API is also available in Perl. SWIG is used to generate Perl interface to the C++ XML-API. Work involved:- Writing SWIG interface file, Defining SWIG typemaps, & Defining SWIG typechecks. Example code is written in Perl on how to use API calls through this interface. Contd… * Software Wrapper & Interface Generator *

13 Lemon XML-API Work going on to incorporate ‘local-cache access’ in the current API. Subset of available API calls will be used to access data from ‘local-cache’. Contd…

14 Wassh2 Re-engineering Wassh2 has been deployed in CERN – CC Wassh2 has been deployed in CERN – CC Added features are: Added features are: Support for sub clusters Support for sub clusters Support for comma separated cluster list Support for comma separated cluster list Support to execute –list option even without specifying shell command Support to execute –list option even without specifying shell command

15 SWRepSOAP SOAP based implementation of Software Repository (SWRep) for Quattor SOAP based implementation of Software Repository (SWRep) for Quattor Allows to manage software packages(RPMs) Allows to manage software packages(RPMs) Store in different platforms Store in different platforms Add, remove, query etc. stored packages Add, remove, query etc. stored packages Authentication and Authorization of users Authentication and Authorization of users Generates template with package list Generates template with package list

16 SWRepSOAP – New Features Savannah #20044: Support for Kerberos based authentication Savannah #20044: Support for Kerberos based authentication Savanna #18324: Support for registering operation authorship Savanna #18324: Support for registering operation authorship Savannah #20506: Support for MD5 checksum verification Savannah #20506: Support for MD5 checksum verification Savannah #11061: Support for package signature check at the time Savannah #11061: Support for package signature check at the time

17 SWRepSOAP – New Features Savannah #13383: Support for source RPMs Savannah #13383: Support for source RPMs Support to upload/delete packages to/from multiple platforms in one go Support to upload/delete packages to/from multiple platforms in one go Savannah #20039: Support for “last updated” timestamp for platforms Savannah #20039: Support for “last updated” timestamp for platforms Savannah #20040: One more level of authorization Savannah #20040: One more level of authorization

18 Notification System Re-Engineering Notification framework running in CERN computer center Notification framework running in CERN computer center Notifies individual nodes for predefined tasks Notifies individual nodes for predefined tasks Nodes can subscribe or unsubscribe for notification depending upon their state Nodes can subscribe or unsubscribe for notification depending upon their state More features are required More features are required

19 Notification System - Task User need not to login to server (as root) to notify nodes User need not to login to server (as root) to notify nodes Facility to select target hosts Facility to select target hosts Authentication Authentication Node to task relation ship should be extracted from CDB Node to task relation ship should be extracted from CDB Notification flow should be encrypted for integrity and authentication Notification flow should be encrypted for integrity and authentication

20 Notification System - Design User NC-Client Front-end Server Node-1 Config Node-2 Config Node-n Config NC-ServerNotification client SSM Tag Info Module SOAP (with authentication) Encryption with sender authentication TAG info Host list

21 Notification System – Work Done Detailed design document has been prepared First prototype has been developed and deployed on test machine Modifications suggested have been incorporated

22 CCM (Configuration Cache Manager) CCM is responsible for downloading and caching of the local node profile Provides NVA API to access local profile It is needed to extend CCM to cache non-local profiles and allow them to be accessed Work is going on for this

23 CCTracker CCTracker 1.5 released on 24 Oct, 2006 Features Updating of machine room information Updating of machine room information Ability to add/update/remove racks, PDUs and tape silos Ability to add/update/remove racks, PDUs and tape silos Display empty, populated and planned racks differently Display empty, populated and planned racks differently New "CC at a glance" tab with summary of objects New "CC at a glance" tab with summary of objects

24 CCTracker CCTracker release 1.6 is in progress Features New object supported UPS Normabarre Zone Power Infrastructure Domain model Power consumption view GUI to link different type of objects

25 CCTracker Power Infrastructure Domain Model

26 Developments CCTracker client xml parser enhancement CCTracker client xml parser enhancement New objects ups, zone, normabarre New objects ups, zone, normabarre Addition attributes :description, power Addition attributes :description, power Power domain model: Linking of objects Power domain model: Linking of objects CCTracker client view CCTracker client view Power Consumption view Power Consumption view Room->UPS->PDU->Rack->Machine hierarchy Properties of UPS, PDU, Rack, Normabarre Properties of UPS, PDU, Rack, Normabarre shows objects linked to it shows objects linked to it

27 Developments Properties update/modification Properties update/modification Context sensitive Popup to link Context sensitive Popup to linkRack->NormabarreNormabarre->PDUPDU->UPS CCTracker Server enhancement (CERN) CCTracker Server enhancement (CERN) Object linking Object linking Updates Updates The CCTracker release steps are automated The CCTracker release steps are automated The ant tasks created The ant tasks created Generate key Generate key Signing of jars Signing of jars

28 Snapshots Power View

29 Snapshots View Properties

30 Snapshots Context sensitive Popup to link Objects

31 Thank You…

Download ppt "Presentation on developments for the period Oct 2006 - Feb 2007 C.S.R.C.Murthy, Salim A. Pathan, Rohitashva Sharma & Dinesh Sarode."

Similar presentations

What’s New in Fireware XTM v11.3.4

What’s New in Fireware XTM v11.3.4
Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab

Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab
GridPP7 – June 30 – July 2, 2003 – Fabric monitoring– n° 1 Fabric monitoring for LCG-1 in the CERN Computer Center Jan van Eldik CERN-IT/FIO/SM 7 th GridPP.

GridPP7 – June 30 – July 2, 2003 – Fabric monitoring– n° 1 Fabric monitoring for LCG-1 in the CERN Computer Center Jan van Eldik CERN-IT/FIO/SM 7 th GridPP.
CCTracker Presented by Dinesh Sarode Leaf : Bill Tomlin IT/FIO URL

CCTracker Presented by Dinesh Sarode Leaf : Bill Tomlin IT/FIO URL
19/06/2002WP4 Workshop - CERN WP4 - Monitoring Progress report

19/06/2002WP4 Workshop - CERN WP4 - Monitoring Progress report
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
DataGrid is a project funded by the European Union 22 September 2003 – n° 1 EDG WP4 Fabric Management: Fabric Monitoring and Fault Tolerance

DataGrid is a project funded by the European Union 22 September 2003 – n° 1 EDG WP4 Fabric Management: Fabric Monitoring and Fault Tolerance
Team: Maya Zalcberg Diana Attar Levona Hershtik Academic advisor: Prof. Ehud Gudes ADD Presentation.

Team: Maya Zalcberg Diana Attar Levona Hershtik Academic advisor: Prof. Ehud Gudes ADD Presentation.
Collaborative Picture Gallery Project Presentation Amos Hersch Aviad Barzilai Supervisor Maxim Gurevitch Lab Chief Eng. Ilana David.

Collaborative Picture Gallery Project Presentation Amos Hersch Aviad Barzilai Supervisor Maxim Gurevitch Lab Chief Eng. Ilana David.
L. Granado Cardoso, F. Varela, N. Neufeld, C. Gaspar, C. Haen, CERN, Geneva, Switzerland D. Galli, INFN, Bologna, Italy ICALEPCS, October 2011.

L. Granado Cardoso, F. Varela, N. Neufeld, C. Gaspar, C. Haen, CERN, Geneva, Switzerland D. Galli, INFN, Bologna, Italy ICALEPCS, October 2011.
Jason Morrill NCOAUG Training Day February, 2008

Jason Morrill NCOAUG Training Day February, 2008
1 Kyung Hee University Prof. Choong Seon HONG Network Control.

1 Kyung Hee University Prof. Choong Seon HONG Network Control.
Linux Operations and Administration

Linux Operations and Administration
Web Servers Web server software is a product that works with the operating system The server computer can run more than one software product such as e-mail.

Web Servers Web server software is a product that works with the operating system The server computer can run more than one software product such as .
The Design Discipline.

The Design Discipline.
MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # 70-643) Chapter Two Deploying Windows Servers.

MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Two Deploying Windows Servers.
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.

Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
WP4-install task report WP4 workshop Barcelona project conference 5/03 German Cancio.

WP4-install task report WP4 workshop Barcelona project conference 5/03 German Cancio.
SUSE Linux Enterprise Server Administration (Course 3037) Chapter 4 Manage Software for SUSE Linux Enterprise Server.

SUSE Linux Enterprise Server Administration (Course 3037) Chapter 4 Manage Software for SUSE Linux Enterprise Server.
9/15/2015© 2008 Raymond P. Jefferis IIILect 10 - 1 Application Layer.

9/15/2015© 2008 Raymond P. Jefferis IIILect Application Layer.

Similar presentations

Ads by Google